Dropbox users accidentally leak private files

Dropbox users accidentally leak private files
According to the IBT, the security flaw, was discovered by Intralinks when it was analysing web traffic to its own website.
Published: 6 May 2014 - 5:25 p.m.
By: Helen Gaskell
Intralink's chief technology officer for Europe, Middle East and Africa Richard Anstey said: "Most Internet users have, at one time or another, accidentally pasted a link into the search bar of their favourite search engine whilst intending to paste it into the Internet address bar - it's an easy mistake to make.

"However, what they don't realise is that when they press enter to execute the search, the advertisement engines that drive (and fund) the search engine will distribute that link as a search term to anyone who has paid for an adword that closely matches any part of that link."

According to the IBT, the security flaw, was discovered by Intralinks when it was analysing Web traffic to its own website.

"During a routine analysis of Google AdWords and Google Analytics data mentioning competitors' names (Dropbox and Box), we inadvertently discovered the fully clickable URLs necessary to access these documents that led us to live folder contents, some with sensitive data," the company said on a blog post.

Anstey said the company was able to access a number large number of files from these shared links: "In one case, corporate information including a business plan was uncovered. We also found evidence that many people are mingling their personal and professional files, potentially presenting privacy and security concerns for organisations."


Click here to add your comment

Please add your comment below
Name
Country
Email
Your email address will not be published
Captcha